A worrying security flaw in Apple’s new OS X Lion operating system has been discovered that will allow anyone to change your login password. The OS X Lion security flaw allows any user on the system to modify the passwords of other local accounts very easily by accessing a systems directory.
In OS X Lion, user passwords are encrypted and then are stored in files called “shadow files” which are placed in secure locations on the drive. Based on system permissions, the contents of these files can then only be accessed and modified by the user, or by an administrators after they have provided authentication.
However it seems that protection is not intact because OS X Lion keeps the password hashes in the system’s directory services, a directory that any user can access.
Lets hope Apple rolls out a patch quickly to address the issue. As any more new is released as always we will keep you updated.
Source: CNET
Latest Geeky Gadgets Deals
Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.
